./net/asterisk13, The Asterisk Software PBX

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 13.19.0, Package name: asterisk-13.19.0, Maintainer: jnemeth

Asterisk is a complete PBX in software. It provides all of the
features you would expect from a PBX and more. Asterisk does voice
over IP in three protocols, and can interoperate with almost all
standards-based telephony equipment using relatively inexpensive
hardware.

Asterisk provides Voicemail services with Directory, Call Conferencing,
Interactive Voice Response, Call Queuing. It has support for
three-way calling, caller ID services, ADSI, SIP and H.323 (as both
client and gateway).

This is a long term support version. It is scheduled to go to
security fixes only on October 24th, 2018, and EOL on October 24th,
2019. See here for more information about Asterisk versions:
https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions

NOTE: This version does not work with the zaptel drivers. It
requires the newer DAHDI drivers which are still being ported.
So, there is no hardware support available at this moment.


Required to run:
[textproc/libxml2] [www/curl] [audio/speex] [lang/perl5] [shells/bash] [devel/libuuid] [textproc/iksemel] [textproc/jansson] [audio/speexdsp] [comms/srtp]

Required to build:
[pkgtools/cwrappers]

Package options: asterisk-config, jabber, ldap, speex

Master sites: (Expand)


Version history: (Expand)


CVS history: (Expand)


   2018-01-23 09:26:08 by John Nemeth | Files touched by this commit (5) | Package updated
Log message:
update to Asterisk 13.19.0 -- this contains both security fixes
and general bug fixes, fixes AST-2017-005, AST-2017-006, AST-2017-007,
AST-2017-008, AST-2017-009, AST-2017-10, AST-2017-11, AST-2017-12,
AST-2017-13, and AST-2017-14 (note that a number of these only
pertain to PJSIP which isn't used in pkgsrc)

----- 13.19.0 -----

The Asterisk Development Team would like to announce the release
of Asterisk 13.19.0.

The release of Asterisk 13.19.0 resolves several issues reported
by the community and would have not been possible without your
participation.

Thank you!

The following issues are resolved in this release:

New Features made in this release:
-----------------------------------
 * ASTERISK-27478 - PJSIP: Add CHANNEL(pjsip,request_uri) to get
      incoming INVITE Request-URI.
      (Reported by Richard Mudgett)
 * ASTERISK-27413 - Add cache_media_frames debugging option.
      (Reported by Richard Mudgett)
 * ASTERISK-27206 - res_pjsip: No mechanism exists to limit
      endpoint identification to IP only
      (Reported by Ben Merrills)

Bugs fixed in this release:
-----------------------------------
 * ASTERISK-27531 - Compiler optimizations can break module load
      sequence.
      (Reported by abelbeck)
 * ASTERISK-27480 - Security: Authenticated SUBSCRIBE without
      Contact crashes asterisk
      (Reported by Ross Beer)
 * ASTERISK-27299 - Asterisk Hangs with Bad file descriptor on
      read()
      (Reported by Abhay Gupta)
 * ASTERISK-25079 - AMI bridge of channels results in MOH not
      destroyed and robotic audio on one channel
      (Reported by Zane Conkle)
 * ASTERISK-27490 - chan_console: 'set active' fails to work
      (Reported by Tzafrir Cohen)
 * ASTERISK-24756 - ConfBridge sound_muted does not work from
      CLI or AMI
      (Reported by Thomas Frederiksen)
 * ASTERISK-25649 - Transfer application does not work with
      Local channels - documentation misleading
      (Reported by Ivan Ullmann)
 * ASTERISK-25869 - chan_sip: "rejected because extension not
      found" should be logged as a security event
      (Reported by Brian J. Murrell)
 * ASTERISK-27440 - Strictrtp has issues to qualify video rtp
      streams
      (Reported by Wim De Vlaminck)
 * ASTERISK-24329 - Music On Hold announcement cuts intro of
      music the first time it is played
      (Reported by Thomas Frederiksen)
 * ASTERISK-19657 - Coverity Report: Fix issues for error type
      CHAR_IO
      (Reported by Matt Jordan)
 * ASTERISK-27175 - iax.conf demo peer is invalid
      (Reported by Tzafrir Cohen)
 * ASTERISK-27430 - README refers to security documents that do
      not exist.
      (Reported by Corey Farrell)
 * ASTERISK-20281 - "core set verbose" behaves strangely, can't
      alias it, cli.conf example broken
      (Reported by Tim Ringenbach at Asteria Solutions Group)
 * ASTERISK-27382 - crash after an invalid rtcp packet from GT48
      FXS gateway
      (Reported by Tzafrir Cohen)
 * ASTERISK-27429 - res_rtp_asterisk: Multiple reports in an
      RTCP packet will write past where it should
      (Reported by Vitezslav Novy)
 * ASTERISK-27408 - Identify causes and fix
      pjsip/resolver/srv/failover/in_dialog/transport_tcp
      (Reported by Corey Farrell)
 * ASTERISK-18411 - Queue members with hints for state_interface
      get stuck in "In Use" state.
      (Reported by Steven T.  Wheeler)
 * ASTERISK-26131 - chan_sip: Crash Asterisk (in
      sip_request_call at chan_sip.c) by making a call to a single
      character in a dot pattern match
      (Reported by Dwayne Hubbard)
 * ASTERISK-27475 - codec_opus requires libcurl
      (Reported by Samuel For)
 * ASTERISK-27467 - pjsip_options: qualify_frequency sometimes
      not applied on reload
      (Reported by John Bigelow)
 * ASTERISK-27465 - CLI Completion Not Working
      (Reported by Ross Beer)
 * ASTERISK-27460 - CDR: Deadlock using AMI Originate with
      Variable CDR(amaflags)=...
      (Reported by Richard Mudgett)
 * ASTERISK-27453 - RTP: Blind transfer direct media scenario
      results in one way audio.
      (Reported by Richard Mudgett)
 * ASTERISK-20643 - SIP ICE support - remove hardcoded
      limitation on SDP size, make ICE support disabled by default in
      SIP, maybe provide a better warning message
      (Reported by Roy)
 * ASTERISK-26980 - pjsip: Clean up WebRTC disables
      (Reported by abelbeck)
 * ASTERISK-27452 - Security: chan_skinny:  Memory exhaustion if
      flooded with unauthenticated requests
      (Reported by George Joseph)
 * ASTERISK-27454 - res_http_post: Don't require
      GMIME_MAJOR_VERSION
      (Reported by Joshua Colp)
 * ASTERISK-23735 - Transcoding makes bad choice in high-rate
      translations
      (Reported by Richard Kenner)
 * ASTERISK-27445 - ARI: Updating a bridge gives wrong error
      message.
      (Reported by Frank Durden)
 * ASTERISK-24662 - [patch] column and row headers for Signed
      Linear format variants in output of 'core show translation' are
      ambiguous
      (Reported by Rusty Newton)
 * ASTERISK-27353 - H323 audio starts with a delay of 2
      seconds.
      (Reported by Marco Giordani)
 * ASTERISK-27442 - pjsip: 183 without To tag does not negotiate
      media
      (Reported by Kevin Harwell)
 * ASTERISK-27437 - [patch] ICE: server-reflexive candidates
      (srflx) with Dual-Stack.
      (Reported by Alexander Traud)
 * ASTERISK-27434 - [patch] chan_sip/ICE: Square brackets around
      IPv6 addresses.
      (Reported by Alexander Traud)
 * ASTERISK-27435 - [patch] configure:
      pjsip_evsub_set_uas_timeout not found.
      (Reported by Alexander Traud)
 * ASTERISK-27431 - Asterisk fails to build when openssl headers
      are not installed.
      (Reported by Corey Farrell)
 * ASTERISK-27332 - Asterisk fails to configure on MacOS Sierra
      (Reported by Ivan Larionov)
 * ASTERISK-27421 - RTP source learning not working with devices
      that have some clock issues
      (Reported by nappsoft)
 * ASTERISK-27361 - Attended transfer crashes in Asterisk
      13.17.2
      (Reported by Alessandro Pimenta)
 * ASTERISK-27238 - Bridging: Crash freeing a frame that's
      already been freed
      (Reported by Richard Kenner)
 * ASTERISK-27412 - core: Audiohook freeing interpolated frame
      when it shouldn't.
      (Reported by Mikhail)
 * ASTERISK-27423 - app_record:  We set the RECORD_STATUS
      channel variable before closing the file
      (Reported by George Joseph)
 * ASTERISK-26758 - res_hep_pjsip: For WebRTC clients Asterisk
      insert same ip address in "source ip address" and "destination
      ip address" fields in HEP packets
      (Reported by Max Norba)
 * ASTERISK-27363 - res_http_websocket: Wrong LocalAddress (it
      is equal to RemoteAddress)
      (Reported by Vasilii Rogin)
 * ASTERISK-27415 - asterisk.conf: Setting astctl without
      setting astrundir is ineffective.
      (Reported by Corey Farrell)
 * ASTERISK-27411 - pjsip: TCP connections may not be destroyed
      (Reported by Joshua Colp)
 * ASTERISK-27345 - res_pjsip_session: RTP instances leak on 488
      responses.
      (Reported by Corey Farrell)
 * ASTERISK-27337 - chan_sip: Security vulnerability with client
      code header (revisited)
      (Reported by Richard Mudgett)
 * ASTERISK-27319 - (Security) Function in PJSIP 2.7
      miscalculates the length of an unsigned long variable in 64bit
      machines
      (Reported by Kim youngsung)
 * ASTERISK-27391 - Regression: Deadlock between AOR named lock
      and pjproject grp lock
      (Reported by shaurya jain)
 * ASTERISK-27393 - res_pjsip: Crash occurs when an empty
      contact read from astdb or database
      (Reported by Aaron An)
 * ASTERISK-27290 - res_pjsip: PIDF contact field has
      malformed/invalid XML
      (Reported by basildane)
 * ASTERISK-27032 - res_pjsip: TLS options do not handle empty
      values
      (Reported by seanchann.zhou)
 * ASTERISK-27394 - [patch] tcptls: Print notice when TLS is
      enabled but not configured.
      (Reported by Alexander Traud)
 * ASTERISK-26426 - format_ogg_opus: remove from source
      (Reported by Kevin Harwell)
 * ASTERISK-27378 - Modules: Fix issues with CLI completion.
      (Reported by Corey Farrell)
 * ASTERISK-27387 - Regression: pjsip 13.18.0 - from_user - "+"
      character isn't allowed any more
      (Reported by Michael Maier)
 * ASTERISK-27390 - Audit menuselect module dependencies
      (Reported by Corey Farrell)
 * ASTERISK-27389 - Optional API modules should not allow
      unload.
      (Reported by Corey Farrell)
 * ASTERISK-27369 - Bridge() dialplan application fails without
      setting BRIDGERESULT channel variable
      (Reported by James Terhune)
 * ASTERISK-27377 - Typo in CHANNEL(dtmf_features) usage
      documentation
      (Reported by Igor Goncharovsky)
 * ASTERISK-27181 - GCC 7 warning: app_voicemail.c: In function
      'imap_delete_old_greeting'
      (Reported by Anthony Messina)
 * ASTERISK-27194 - jitterbuffer: Does not handle case where
      translator returns null frame.
      (Reported by Joshua Elson)
 * ASTERISK-26639 - core: Disabling xmldoc support does not
      work. Also results in abort during Asterisk startup.
      (Reported by Mr Dini)
 * ASTERISK-27372 - ARI: Node ARI client broken in latest
      versions of 13 and 14
      (Reported by Benjamin Keith Ford)
 * ASTERISK-18140 - Expires handling in SUBSCRIBE confuses the
      absence of the Expires header field with an unsubscribe action.
      (Reported by Jonathan Cloots)
 * ASTERISK-25960 - The config_hook unit test causes Asterisk to
      crash if run a second time
      (Reported by George Joseph)
 * ASTERISK-27198 - res_pjsip: SDP contains IP4 instead of IP6
      when rtp_ipv6 set to yes
      (Reported by Martin Cisárik)
 * ASTERISK-27346 - res_xmpp: Crash if OAuth 2.0 is used before
      curl is loaded
      (Reported by Ronald Raikes)
 * ASTERISK-27365 - [patch] chan_sip: Crypto attribute not last
      but first on SDP media level.
      (Reported by Alexander Traud)
 * ASTERISK-24483 - res_pjsip_pubsub.so, res_pjsip_refer.so:
      Assertion on un/re-load: mod.id == -1
      (Reported by Tzafrir Cohen)
 * ASTERISK-23462 - Cannot disable SIP debugging via CLI after
      enabling with conf file option - also 'sip set debug off'
      reports debugging disabled, when it really isn't
      (Reported by Rusty Newton)
 * ASTERISK-27328 - Missing openssl dependencies in
      res_rtp_asterisk and tcptls
      (Reported by Tzafrir Cohen)
 * ASTERISK-27341 - [patch] res_pjsip_session: SIP/SDP origin
      (o=) contains local address.
      (Reported by Alexander Traud)
 * ASTERISK-27343 - Fails to build in FreeBSD due to
      sys/sysmacros.h not existing there
      (Reported by Guido Falsi)
 * ASTERISK-27340 - backtrace.c: Crash due to double-free.
      (Reported by Corey Farrell)
 * ASTERISK-27339 - [patch] Crash on ast_ssl_teardown when
      stopping.
      (Reported by Alexander Traud)
 * ASTERISK-27333 - sip_to_pjsip not correctly handling
      disallow=all directive
      (Reported by Torrey Searle)

Improvements made in this release:
-----------------------------------
 * ASTERISK-24297 - cdr.c: Minor code optimizations.
      (Reported by Richard Mudgett)
 * ASTERISK-27449 - [PATCH] When failing to acquire target
      during attended transfer, display wanted extension
      (Reported by Niklas Larsson)
 * ASTERISK-27456 - app_voicemail: Add new object for
      VoicemailUserEntry
      (Reported by sungtae kim)
 * ASTERISK-27380 - ast_coredumper: allow pointing out the
      asterisk binary explicitly
      (Reported by Tzafrir Cohen)
 * ASTERISK-23556 - Compilation warning for invert.c (array
      subscript is above array bounds)
      (Reported by Marcello Ceschia)
 * ASTERISK-27355 - Upgrade bundled PJPROJECT to 2.7
      (Reported by Richard Mudgett)
 * ASTERISK-27335 - CDR performance needs improvement.
      (Reported by Richard Mudgett)

For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telep … og-13.19.0

Thank you for your continued support of Asterisk!

----- 13.18.5 -----

The Asterisk Development Team would like to announce security
releases for Asterisk 13, 14 and 15, and Certified Asterisk 13.18.
The available releases are released as versions 13.18.5, 14.7.5,
15.1.5 and 13.18-cert2.

The following security vulnerabilities were resolved in these versions:

* AST-2017-014: Crash in PJSIP resource when missing a contact header
  A select set of SIP messages create a dialog in Asterisk. Those
  SIP messages must contain a contact header. For those messages,
  if the header was not present and using the PJSIP channel driver,
  it would cause Asterisk to crash.  The severity of this vulnerability
  is somewhat mitigated if authentication is enabled. If authentication
  is enabled a user would have to first be authorized before reaching
  the crash point.

For a full list of changes in the current releases, please see the ChangeLogs:

https://downloads.asterisk.org/pub/tele … og-13.18.5

The security advisory is available at:

https://downloads.asterisk.org/pub/secu … 17-014.pdf

Thank you for your continued support of Asterisk!

----- 13.18.4 -----

The Asterisk Development Team has announced security releases for
Certified Asterisk 13.13 and Asterisk 13, 14 and 15.  The available
security releases are released as versions 13.13-cert9, 13.18.4,
14.7.4 and 15.1.4.

The release of these versions resolves the following security
vulnerabilities:

* AST-2017-012: Remote Crash Vulnerability in RTCP Stack
  If a compound RTCP packet is received containing more than
  one report (for example a Receiver Report and a Sender
  Report) the RTCP stack will incorrectly store report
  information outside of allocated memory potentially causing
  a crash.

For a full list of changes in the current releases, please see the
ChangeLogs:
http://downloads.asterisk.org/pub/telep … og-13.18.4

The security advisories are available at:
http://downloads.asterisk.org/pub/secur … 7-012.html
http://downloads.asterisk.org/pub/secur … 17-012.pdf

Thank you for your continued support of Asterisk!

----- 13.18.3 -----

The Asterisk Development Team has announced security releases for
Certified Asterisk 13.13 and Asterisk 13, 14 and 15.  The available
security releases are released as versions 13.13-cert8, 13.18.3,
14.7.3 and 15.1.3.

The release of these versions resolves the following security
vulnerabilities:

* AST-2017-013: DOS Vulnerability in Asterisk chan_skinny
  If the chan_skinny (AKA SCCP protocol) channel driver is
  flooded with certain requests it can cause the asterisk
  process to use excessive amounts of virtual memory
  eventually causing asterisk to stop processing requests of
  any kind.

For a full list of changes in the current releases, please see the
ChangeLogs:
http://downloads.asterisk.org/pub/telep … og-13.18.3

The security advisories are available at:
http://downloads.asterisk.org/pub/secur … 17-013.pdf

Thank you for your continued support of Asterisk!

----- 13.18.2 -----

The Asterisk Development Team would like to announce the release
of Asterisk 13.18.2.

The release of Asterisk 13.18.2 resolves several issues reported
by the community and would have not been possible without your
participation.

Thank you!

The following issues are resolved in this release:

Bugs fixed in this release:
-----------------------------------
 * ASTERISK-27387 - Regression: pjsip 13.18.0 - from_user - "+"
      character isn't allowed any more
      (Reported by Michael Maier)
 * ASTERISK-27391 - Regression: Deadlock between AOR named lock
      and pjproject grp lock
      (Reported by shaurya jain)

For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telep … og-13.18.2

Thank you for your continued support of Asterisk!

----- 13.18.0 -----

The Asterisk Development Team would like to announce the release
of Asterisk 13.18.0.

The release of Asterisk 13.18.0 resolves several issues reported by the
community and would have not been possible without your participation.

Thank you!

The following issues are resolved in this release:

Improvements made in this release:
-----------------------------------
 * ASTERISK-27278 - [patch] chan_sip: Provide access to read the
      full SIP Request-URI from INVITE
      (Reported by David J.  Pryke)
 * ASTERISK-27255 - alembic: Add support for Microsoft SQL
      server
      (Reported by Florian Floimair)
 * ASTERISK-27253 - [patch] libsrtp-2.1.x support
      (Reported by Alexander Traud)
 * ASTERISK-27220 - Enable CHANNEL function to get from and to
      tag from SIP Headers
      (Reported by Andre Nazario)
 * ASTERISK-27169 - Google OAuth 2.0 support for XMPP / Motif
      (Reported by Andrey)
 * ASTERISK-27173 - Support for GMIME 3.0
      (Reported by Tzafrir Cohen)
 * ASTERISK-27092 - [patch] app_queue: Add Priority to AMI
      QueueStatus
      (Reported by Niklas Larsson)
 * ASTERISK-27085 - [patch] chan_pjsip: Port SIPDtmfMode to
      chan_pjsip
      (Reported by Torrey Searle)

Bugs fixed in this release:
-----------------------------------
 * ASTERISK-27346 - res_xmpp: Crash if OAuth 2.0 is used before
      curl is loaded
      (Reported by Ronald Raikes)
 * ASTERISK-27372 - ARI: Node ARI client broken in latest
      versions of 13 and 14
      (Reported by Benjamin Keith Ford)
 * ASTERISK-27047 - res_pjsip: user=phone added to Anonymous
      caller-id when it shouldn't be.
      (Reported by dtryba)
 * ASTERISK-26988 - res_pjsip_session: user_eq_phone adds double
      user=phone parameters to URIs
      (Reported by dtryba)
 * ASTERISK-27270 - cdr_mysql: various crashes at second module
      reload if cdr_mysql.conf is configured
      (Reported by Tzafrir Cohen)
 * ASTERISK-27301 - [patch] app_queue: Music On Hold for
      real-time queues is not reset to default
      (Reported by Nathan Bruning)
 * ASTERISK-25266 - Application Originate returns SUCCESS to
      ORIGINATE_STATUS upon failure to originate
      (Reported by Allen Ford)
 * ASTERISK-27192 - res_pjsip: Loss of SIP registrations causing
      unavailable endpoints
      (Reported by Richard Mudgett)
 * ASTERISK-27305 - res_ari: Memory leaks in ARI when using
      Content-Type: application/json
      (Reported by David Hajek)
 * ASTERISK-26922 - chan_sip: tcpbind uses wrong source address
      (Reported by Ksenia)
 * ASTERISK-27324 - [patch] Dual-Stack server cannot be used as
      IPv4 client via TCP/TLS
      (Reported by Alexander Traud)
 * ASTERISK-27317 - vector: multiple evaluation of elem in
      AST_VECTOR_ADD_SORTED.
      (Reported by Corey Farrell)
 * ASTERISK-27318 - res_pjsip_mwi: uninitialized value from
      ast_strings_match
      (Reported by Corey Farrell)
 * ASTERISK-27296 - [patch] False positive busy checks when
      icalendar's recurrence-id mechanism is involved
      (Reported by Benoît Dereck-Tricot)
 * ASTERISK-27284 - Status of RFC 3323 and PJSIP
      (Reported by dtryba)
 * ASTERISK-27216 - app_queue: does its
      check-makeannouncement-logic twice each head-caller-loop
      (Reported by Stefan Engström)
 * ASTERISK-27295 - Contact is improperly translated after
      d178f497
      (Reported by Sean Bright)
 * ASTERISK-27292 - Multiple RTP Stream Created Breaking RFC2833
      (SSRC Changes)
      (Reported by Ross Beer)
 * ASTERISK-27289 - A codeblock that maintains a bug,but maybe
      the codeblock will never run
      (Reported by Huangyx)
 * ASTERISK-27283 - Realtime config fail with PostgreSQL version
      before 9.1
      (Reported by Rodrigo Ramirez Norambuena)
 * ASTERISK-27257 - bridge_native_rtp: half-way direct media
      when using early bridging
      (Reported by Jean Aunis - Prescom)
 * ASTERISK-27279 - Crash in pubsub_on_rx_request NULL pointer -
      Possible PJSIP Vulnerability
      (Reported by Ross Beer)
 * ASTERISK-26606 - tcptls: Incorrect OpenSSL function call
      leads to misleading error report
      (Reported by Bob Ham)
 * ASTERISK-16898 - SRTP unprotect: authentication failure when
      RTP sequence number switches from 65535 -> 0
      (Reported by Marcello Ceschia)
 * ASTERISK-27274 - RTCP needs better packet validation to
      resist port scans.
      (Reported by Richard Mudgett)
 * ASTERISK-27252 - RTP: One way audio with direct media and
      strictrtp=yes.
      (Reported by Richard Mudgett)
 * ASTERISK-25524 - module reload res_calendar.so does not
      reload everything in calendar.conf
      (Reported by Jesper)
 * ASTERISK-24588 - res_calendar does not process CalDAV from
      Owncloud [fix included]
      (Reported by Stefan Gofferje)
 * ASTERISK-25523 - res_calendar: Warning about invalid channel
      value (for notification) occurs even when event has no
      notification configured.
      (Reported by Jesper)
 * ASTERISK-21399 - RTP Multicast of L16 (type 10): Asterisk and
      wireshark disagree
      (Reported by Tzafrir Cohen)
 * ASTERISK-27248 - [patch]external_media_address and
      external_signaling_address don't always honor localnet
      (Reported by Walter Doekes)
 * ASTERISK-27165 - CDR: CDR(start,u) function won't work in
      cdr_custom config
      (Reported by Jacek Konieczny)
 * ASTERISK-27217 - chan_sip: Asterisk crashing when
      subscription doesn't get set
      (Reported by Bryan Walters)
 * ASTERISK-24066 - res_smdi: convert to astobj2
      (Reported by Corey Farrell)
 * ASTERISK-17540 - SDP origin attribute modified when issuing
      re-INVITE because of directmedia=yes
      (Reported by saghul)
 * ASTERISK-27254 - alembic: prune_on_boot fix erroneous
      (Reported by Florian Floimair)
 * ASTERISK-27232 - When in queue on g722 with interruptions,
      music on hold can get stuck and no longer play
      (Reported by Jens T.)
 * ASTERISK-27024 - nat/external_media settings ignored in
      14.4.1
      (Reported by Christopher van de Sande)
 * ASTERISK-26879 - PJSIP external_media_address ignored if no
      local_net options are provided
      (Reported by Matt Jordan)
 * ASTERISK-27236 - Segfault ast_channel_name (chan=0x0) at
      channel_internal_api.c:478 during T.38 Fax Receive
      (Reported by Ross Beer)
 * ASTERISK-27225 - Crash when freeing dtls_cfg->cafile
      (Reported by Richard Kenner)
 * ASTERISK-27177 - ooh323c: misleading indentation in
      addons/ooh323c/src/ooSocket.c
      (Reported by Tzafrir Cohen)
 * ASTERISK-27241 - libc segfault upon entry into app_directory
      (Reported by David Moore)
 * ASTERISK-27152 - Sending a "tel" uri in a From or To header
      in an unauthenticated message causes asterisk to crash
      (Reported by Ross Beer)
 * ASTERISK-27103 - core: ast_safe_system command injection
      possible.
      (Reported by Corey Farrell)
 * ASTERISK-27013 - res_rtp_asterisk: Media can be hijacked even
      with strict RTP enabled
      (Reported by Joshua Colp)
 * ASTERISK-26994 - Confbridge: CBAnn channels intermittently
      become stuck when caller hangs up before recording name
      (Reported by James Terhune)
 * ASTERISK-20858 - app_minivm fails to clean up mkstemp files
      (Reported by Walter Doekes)
 * ASTERISK-16777 - several filename bugs in Record()
      application
      (Reported by klaus3000)
 * ASTERISK-27168 - alembic: PJSIP scripts are missing column
      dtls_fingerprint in ps_endpoints table
      (Reported by Florian Floimair)
 * ASTERISK-23608 - ControlPlayback fails to play files with
      names containing certain non-alpha characters
      (Reported by Jonathan White)
 * ASTERISK-19103 - When using realtime queues, function
      QUEUE_MEMBER_LIST() will return an error if no other
      app/function has loaded the queues first. This problem does not
      exist if queues.conf is used.
      (Reported by Jim Van Meggelen)
 * ASTERISK-21241 - When using voicemail as announce only
      (maxmsg=0), the star dtmf to enter the voicemail is not honored
      (Reported by Eelco Brolman)
 * ASTERISK-27204 - [patch] app_queue: Wrong queue stat
      calculation
      (Reported by sungtae kim)
 * ASTERISK-27209 - Incorrect SDP in 200 OK when PJSIP_DTMF_MODE
      is used
      (Reported by Torrey Searle)
 * ASTERISK-27207 - XMPP OAuth not working due to inverted
      logic
      (Reported by Michael Kuron)
 * ASTERISK-27174 - res_calendar_icalendar: Recurring events not
      being loaded from Google calendar using ical
      (Reported by Mark Thompson)
 * ASTERISK-27202 - If wget is not installed and "or" is not
      available, external components (excluding pjsip) are not
      installed
      (Reported by Seán C. McCord)
 * ASTERISK-27147 - Either asterisk or pjproject isn't re-using
      tcp connections (again)
      (Reported by George Joseph)
 * ASTERISK-27193 - IPv6 receive address in message doesn't
      include brackets
      (Reported by Scott Griepentrog)
 * ASTERISK-27158 - [patch] res_rtp_asterisk: RTCP statistics
      are not available when native bridge is used
      (Reported by Torrey Searle)
 * ASTERISK-27110 - RTP session is not fully destroyed on
      channel hangup
      (Reported by Matt Jordan)
 * ASTERISK-26745 - Asymmetric codecs when
      asymmetric_rtp_codec=no
      (Reported by Jesse Ross)
 * ASTERISK-27171 - Asterisk 15.0.0-Beta1 does not compile
      (Reported by Ira Emus)
 * ASTERISK-26659 - res_pjsip: PJSIP presence - missing braces
      around the status element in XML
      (Reported by Abraham Liebsch)
 * ASTERISK-27156 - Asterisk won't compile on Fedora 26 with
      devmode enabled.
      (Reported by Corey Farrell)
 * ASTERISK-27130 - Applications ARI: Unsubscribe action for
      deviceStates does not remove old subscriptions properly
      (Reported by Sergej Kasumovic)
 * ASTERISK-25810 - say.c calls for sounds in the subdir
      "digits" that don't exist (in Core). SayUnixTime or other Say...
      apps will fail out when they call these sounds.
      (Reported by Nicolas Riendeau)
 * ASTERISK-27142 - sounds: Conflict between files in
      asterisk-sounds-core-1.6 and asterisk-sounds-extra-1.5
      (Reported by Corey Farrell)
 * ASTERISK-27124 - app_playback.c:say_date_generic use
      timezonename parameter
      (Reported by Holger Hans Peter Freyther)
 * ASTERISK-27133 - res_rtp_asterisk: RTCP does not use ICE when
      RTCP-MUX in use
      (Reported by Joshua Colp)
 * ASTERISK-27128 - [patch]res_stasis_snoop: When recording a
      snoop channel (using ARI) where no media is being received, no
      recording happens when theres no media
      (Reported by Dan Jenkins)
 * ASTERISK-27123 - confbridge: Name recordings are left on
      filesystem
      (Reported by Sergej Kasumovic)
 * ASTERISK-27122 - chan_iax2: On reload MWI taskprocessors keep
      adding up
      (Reported by Sergej Kasumovic)
 * ASTERISK-26807 - sounds: New 3-D Binaural audio features
      require new sound prompts
      (Reported by Rusty Newton)
 * ASTERISK-25816 - French conf-adminmenu, conf-usermenu prompts
      differ in content from the English files
      (Reported by Benoit Duverger)
 * ASTERISK-26274 - Resolve open sounds issues and then create a
      new sounds release (1.5.1? or 1.6?)
      (Reported by Rusty Newton)
 * ASTERISK-27127 - configs: Erroneous load directive in sample
      configuration results in "Error loading module
      'res_pjsip_multihomed.so'"
      (Reported by HZMI8gkCvPpom0tM)
 * ASTERISK-27105 - [patch]core: when setting 'maxfiles' in
      asterisk.conf, a message is printed, even in rasterisk -x
      (Reported by Tzafrir Cohen)
 * ASTERISK-27036 - res_pjsip: Asterisk crashes when an
      extension tries to use PJSIP trunk with from_user containing
      '@'
      (Reported by Maxim Vasilev)
 * ASTERISK-27023 - res_rtp_asterisk: Deadlock when TURN session
      in use
      (Reported by Jatin Jain)
 * ASTERISK-27093 - ODBC deadlocks when app_directory tries to
      play back non-existent voicemail greeting
      (Reported by James Terhune)

New Features made in this release:
-----------------------------------
 * ASTERISK-27215 - [patch]AMI : Add CancelAtxfer Action
      (Reported by Thomas Sevestre)
 * ASTERISK-27117 - core: Add support for timelen parsing to
      ast_parse_arg and ACO.
      (Reported by Corey Farrell)

For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telep … og-13.18.0

Thank you for your continued support of Asterisk!

----- 13.17.0 ----

The Asterisk Development Team would like to announce the release
of Asterisk 13.17.0.

The release of Asterisk 13.17.0 resolves several issues reported by the
community and would have not been possible without your participation.

Thank you!

The following issues are resolved in this release:

Bugs fixed in this release:
-----------------------------------
 * ASTERISK-27108 - Crash using 'data get' CLI command
      (Reported by Sean Bright)
 * ASTERISK-27106 - [patch] autodomain (SIP Domain Support): Add
      only really different domain with TLS.
      (Reported by Alexander Traud)
 * ASTERISK-27100 - channel: ast_waitfordigit_full fails to
      clear flag in an error branch.
      (Reported by Corey Farrell)
 * ASTERISK-27090 - PJSIP: Deadlock using TCP transport
      (Reported by Richard Mudgett)
 * ASTERISK-25665 - Duplicate logging in queue log for EXITEMPTY
      events
      (Reported by Ove Aursand)
 * ASTERISK-27065 - call hangup after leaving app_queue
      (Reported by Marek Cervenka)
 * ASTERISK-26978 - rtp: Crash in ast_rtp_codecs_payload_code()
      (Reported by Ross Beer)
 * ASTERISK-27074 - core_local: local channel data not being
      properly unref'ed and unlocked
      (Reported by Kevin Harwell)
 * ASTERISK-27075 - bridge: stuck channel(s) after failed
      attended transfer
      (Reported by Kevin Harwell)
 * ASTERISK-24052 - app_voicemail reloads result in leaked IMAP
      sockets.
      (Reported by Louis Jocelyn Paquet)
 * ASTERISK-27060 - Comment typo format_g729.c
      (Reported by Matthew Fredrickson)
 * ASTERISK-27026 - res_ari: Crash when no ari.conf
      configuration file exists
      (Reported by Ronald Raikes)
 * ASTERISK-27041 - Core/PBX: [patch] Deadlock between dialplan
      execution and application unregistration
      (Reported by Frederic LE FOLL)
 * ASTERISK-27057 - Seg Fault in ast_sorcery_object_get_id at
      sorcery.c
      (Reported by Ryan Smith)
 * ASTERISK-27024 - nat/external_media settings ignored in
      14.4.1
      (Reported by Christopher van de Sande)
 * ASTERISK-27046 - res_pjsip_transport_websocket: segfault in
      get_write_timeout
      (Reported by Jørgen H)
 * ASTERISK-27022 - res_rtp_asterisk: Incorrect SSRC change for
      RTCP component
      (Reported by Michael Walton)
 * ASTERISK-26923 - bridging: T.38 request is lost when channels
      are added to bridge
      (Reported by Torrey Searle)
 * ASTERISK-27053 - res_pjsip_refer/session: Calls dropped
      during transfer
      (Reported by Kevin Harwell)
 * ASTERISK-27052 - Asterisk build process fails with flag
      --with-pjproject-bundled with curl download command and slow
      network
      (Reported by alex)
 * ASTERISK-27039 - chan_pjsip: Device state is idle when
      channel from endpoint is in early media
      (Reported by Joshua Colp)
 * ASTERISK-26996 - chan_pjsip: Flipping between codecs
      (Reported by Michael Maier)
 * ASTERISK-26281 - chan_pjsip would send INVITE to
      'Unreachable' endpoints
      (Reported by Jacek Konieczny)
 * ASTERISK-26973 - bridge: Crash when freeing frame and
      snooping
      (Reported by Michel R. Vaillancourt)
 * ASTERISK-19291 - Background in realtime
      (Reported by Andrew Nowrot)
 * ASTERISK-27025 - channel / meetme: Fix missing parentheses
      (Reported by Joshua Colp)
 * ASTERISK-27021 - GET /recordings/stored returns 500 Internal
      Server Error
      (Reported by Tim Morgan)
 * ASTERISK-24858 - [patch]Asterisk 13 PJSIP sends RTP packets
      in wrong byte order on Intel platform when using slin codec
      (Reported by Frankie Chin)
 * ASTERISK-23951 -  Asterisk attempts and fails to build
      format_mp3 even if mp3lib was not downloaded
      (Reported by Tzafrir Cohen)
 * ASTERISK-25294 - srtp's crypto_get_random deprecated
      (Reported by Tzafrir Cohen)
 * ASTERISK-23839 - AGI - RECORD FILE - documentation doesn't
      describe BEEP argument
      (Reported by Rusty Newton)
 * ASTERISK-22432 - Async AGI crashes Asterisk when issuing "set
      variable" command without args
      (Reported by Antoine Pitrou)
 * ASTERISK-25662 - Malformed AGI 520 Usage response
      (Reported by Tony Mountifield)
 * ASTERISK-25101 - DTLS configuration can not be specified in
      the general section - documentation
      (Reported by Ben Langfeld)
 * ASTERISK-27008 - res_format_attr_h264: SDP parse fails if
      fmtp optional parameters have a space
      (Reported by John Harris)
 * ASTERISK-26399 - app_queue: Agent not called when caller is
      parked
      (Reported by wushumasters)
 * ASTERISK-26400 - app_queue: Queue member stops being called
      after AMI "Redirect" action for queues with wrapuptime
      (Reported by Etienne Lessard)
 * ASTERISK-26715 - app_queue: Member will not receive any new
      calls after doing a transfer if wrapuptime = greater than 0 and
      using Local channel
      (Reported by David Brillert)
 * ASTERISK-26975 - app_queue: Non-zero wrapup time can cause
      agents not to receive queue calls after transfer queue call
      (Reported by Lorne Gaetz)
 * ASTERISK-27012 - app_confbridge: ConfBridge sometimes does
      not play user name recording while leaving
      (Reported by Robert Mordec)
 * ASTERISK-26979 - res_rtp_asterisk: SRTP unprotect failed with
      authentication failure 10 or 110
      (Reported by Javier Riveros)
 * ASTERISK-26982 - chan_sip: rtcp_mux setting may cause ice
      completion failure/delay if client offers rtcp-mux as
      negotiable
      (Reported by Stefan Engström)
 * ASTERISK-26964 - res_pjsip_session: Wrong From on reinvite
      when request and To URI differ
      (Reported by Yasin CANER)
 * ASTERISK-26789 - Audit manipulation of channel flags without
      locks
      (Reported by Joshua Colp)
 * ASTERISK-26333 - Problems with Blind Transfer, PJSIP (Aastra
      6869i)
      (Reported by Matthias Binder)

Improvements made in this release:
-----------------------------------
 * ASTERISK-26230 - [patch] res_pjsip_mwi: unsolicited mwi could
      block PJSIP taskprocessor on startup
      (Reported by Alexei Gradinari)
 * ASTERISK-27043 - Core/BuildSystem: Add defines to fix build
      with LibreSSL
      (Reported by Guido Falsi)
 * ASTERISK-27042 - Unpatched asterisk sources fail to build on
      FreeBSD due to missing crypt.h file
      (Reported by Guido Falsi)
 * ASTERISK-26419 - audiohooks: Remove redundant codec
      translations when using audiohooks
      (Reported by Michael Walton)
 * ASTERISK-26976 - libsrtp-2.x.x support
      (Reported by Alex)
 * ASTERISK-26124 - res_agi: Set audio format for EAGI audio
      stream
      (Reported by John Fawcett)

For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telep … og-13.17.0

Thank you for your continued support of Asterisk!
   2018-01-01 22:18:57 by Adam Ciarcinski | Files touched by this commit (629) | Package updated
Log message:
Revbump after boost update
   2017-11-30 17:45:43 by Adam Ciarcinski | Files touched by this commit (654) | Package updated
Log message:
Revbump after textproc/icu update
   2017-09-18 11:53:40 by Maya Rashish | Files touched by this commit (676)
Log message:
revbump for requiring ICU 59.x
   2017-08-24 22:03:43 by Adam Ciarcinski | Files touched by this commit (621) | Package updated
Log message:
Revbump for boost update
   2017-06-04 09:51:27 by John Nemeth | Files touched by this commit (6) | Package updated
Log message:
Update to Asterisk 13.16.0:  this is mostly a bugfix release.

The Asterisk Development Team would like to announce the release
of Asterisk 13.16.0.

The release of Asterisk 13.16.0 resolves several issues reported by the
community and would have not been possible without your participation.

Thank you!

The following issues are resolved in this release:

Bugs fixed in this release:
-----------------------------------
 * ASTERISK-26982 - chan_sip: rtcp_mux setting may cause ice
      completion failure/delay if client offers rtcp-mux as
      negotiable
      (Reported by Stefan Engström)
 * ASTERISK-26979 - res_rtp_asterisk: SRTP unprotect failed with
      authentication failure 10 or 110
      (Reported by Javier Riveros)
 * ASTERISK-25665 - Duplicate logging in queue log for EXITEMPTY
      events
      (Reported by Ove Aursand)
 * ASTERISK-26998 - res_pjsip_session: INVITE retransmissions
      could still setup the same call again.
      (Reported by Richard Mudgett)
 * ASTERISK-26143 - res_rtp_asterisk: One way audio when
      transcoding
      (Reported by Henning Holtschneider)
 * ASTERISK-26606 - tcptls: Incorrect OpenSSL function call
      leads to misleading error report
      (Reported by Bob Ham)
 * ASTERISK-26983 - Crash in Manager Reload when TLS Config
      Changes
      (Reported by Joshua Elson)
 * ASTERISK-25032 - [patch]cel_odbc sometimes inserts CEL with
      wrong eventtime
      (Reported by Etienne Lessard)
 * ASTERISK-26173 - func_cdr: CDR function does not permit empty
      values to be assigned
      (Reported by gkloepfer)
 * ASTERISK-25506 - [patch]CONFBRIDGE failure after an
      app_confbrige.so module reload results in segfault or
      error/warning messages.
      (Reported by Frederic LE FOLL)
 * ASTERISK-24529 - Using AMI Action Bridge to on an already
      bridged channel causes the incorrect return priority to be used
      (Reported by Corey Farrell)
 * ASTERISK-26860 - Upon RTCP reception, netsock2.c:210
      ast_sockaddr_split_hostport: Port missing in (null)
      (Reported by Evers Lab)
 * ASTERISK-26922 - chan_sip: tcpbind uses wrong source address
      (Reported by Ksenia)
 * ASTERISK-26974 - res_pjsip: Deadlock in T.38 framehook
      (Reported by Richard Mudgett)
 * ASTERISK-26908 - res_pjsip: The ChanIsAvail causes a
      res_pjsip session to be leaked.
      (Reported by Richard Mudgett)
 * ASTERISK-25823 - SIGSEGV, Segmentation fault. -
      ../sysdeps/x86_64/strlen.S: No such file or directory.
      (Reported by Andreas Krüger)
 * ASTERISK-26951 - chan_sip: ACK with SDP does not update a
      direct media bridge
      (Reported by Jean Aunis - Prescom)
 * ASTERISK-26930 - pjproject/Makefile.rules for pjsip 2.6 build
      fails for non-SSE2 instrunction Linux
      (Reported by abelbeck)
 * ASTERISK-26926 - func_speex: Crash caused by frame with no
      datalen
      (Reported by Richard Kenner)
 * ASTERISK-26929 - pjsip: Add database tables for RLS
      (Reported by Joshua Colp)
 * ASTERISK-26953 - Asterisk crash if hep.conf have some missing
      parameters
      (Reported by Joel Vandal)
 * ASTERISK-26890 - STUN server with non-default-route transport
      causes INVITE delay
      (Reported by George Joseph)
 * ASTERISK-26692 - res_rtp_asterisk: Crash in
      dtls_srtp_handle_timeout at res_rtp_asterisk (using chan_sip)
      (Reported by scgm11)
 * ASTERISK-26835 - res_rtp_asterisk: Crash when freeing RTCP
      address string
      (Reported by Niklas Larsson)
 * ASTERISK-26853 - res_rtp_asterisk: Crash in pjnath when
      receiving packet
      (Reported by Adagio)
 * ASTERISK-26613 - format_wav: wav16 format read file only by
      320 - half of frame
      (Reported by Vitaly K)
 * ASTERISK-26169 - format_ogg_vorbis: Memory leak using OGG in
      MixMonitor
      (Reported by Ivan Myalkin)
 * ASTERISK-21856 - STUN never works when asterisk started
      without internet access
      (Reported by Jeremy Kister)
 * ASTERISK-20984 - Audible clicks when playing sox encoded au
      file with STREAM FILE AGI command
      (Reported by Roman S.)
 * ASTERISK-26851 - res_pjsip_sdp_rtp: RTP instance does not use
      same IP as explicit transport
      (Reported by Richard Begg)
 * ASTERISK-26903 - Listening TCP/TLS sockets stop when
      temporarily out of open files
      (Reported by Walter Doekes)
 * ASTERISK-26528 - [UBSAN] strings.h:signed integer overflow in
      ast_str_case_hash
      (Reported by Badalian Vyacheslav)
 * ASTERISK-26928 - pjsip: Add database tables for PUBLISH
      support
      (Reported by Joshua Colp)
 * ASTERISK-26927 - pjproject_bundled: Crash on
      pj_ssl_get_info() while ioqueue_on_read_complete().
      (Reported by Alexander Traud)
 * ASTERISK-26905 - pjproject_bundled:  Merge 3 upstream
      deadlock patches into bundled
      (Reported by Ross Beer)
 * ASTERISK-26897 - chan_sip: Security vulnerability with client
      code header
      (Reported by Alex Villacís Lasso)
 * ASTERISK-25974 - Unused realtime MOH classes not purged on
      'moh reload'
      (Reported by Sébastien Couture)
 * ASTERISK-26916 - res_pjsip: Excessive refcount reached on
      transport ao2 object
      (Reported by Ross Beer)
 * ASTERISK-21721 - SIP Failed to parse multiple Supported:
      headers
      (Reported by Olle Johansson)
 * ASTERISK-26915 - chan_sip: Session Timers required but
      refused wrongly.
      (Reported by Alexander Traud)
 * ASTERISK-26363 - res_pjsip: Bye sent to sip trunk is not
      authenticated even after receiving a 407 error code
      (Reported by Yaacov Akiba Slama)
 * ASTERISK-26896 - Overflow of buffer to PQEscapeStringConn
      with large app_args causes ABRT
      (Reported by twisted)
 * ASTERISK-26705 - libasteriskssl.so not found when asterisk is
      installed for the 1st time
      (Reported by George Joseph)
 * ASTERISK-21009 - xmpp_pubsub_unsubscribe: Could not create IQ
      when creating pubsub unsubscription on client
      (Reported by
      Marcello Ceschia)
 * ASTERISK-25490 - [patch]SDP crypto tag is validated
      incorrectly
      (Reported by Joerg Sonnenberger)
 * ASTERISK-24712 - xmpp: starttls problem causes connection
      spew
      (Reported by Matthias Urlichs)
 * ASTERISK-26086 - res_musiconhold: format option is not
      documented adequately
      (Reported by Jens Bürger)
 * ASTERISK-23996 - No core dumps because of res_musiconhold
      chdir.
      (Reported by Walter Doekes)
 * ASTERISK-26814 - pjproject_bundled build fails to download
      pjproject source when using cURL
      (Reported by Gergely Dömsödi)
 * ASTERISK-23510 - JABBER_STATUS fails with improper code 7 for
      unavailable clients
      (Reported by Anthony Critelli)
 * ASTERISK-21855 - Asterisk crashes when XMPP message is sent
      (JabberSend) and no internet connection is available
      (Reported by Jeremy Kister)
 * ASTERISK-25622 - WARNING for "JABBER: socket read error"
      should be more specific
      (Reported by Sean Darcy)
 * ASTERISK-26818 - cdr: Problem setting variables in h exten
      (Reported by scgm11)
 * ASTERISK-26875 - app_mixmonitor: Recording out of sync when
      183 but no RTP
      (Reported by Aaron An)

Improvements made in this release:
-----------------------------------
 * ASTERISK-26088 - Investigate heavy memory utilization by
      res_pjsip_pubsub
      (Reported by Richard Mudgett)
 * ASTERISK-26427 - res_hep_rtcp: Asterisk Master will report
      channel name with res_hep_rtcp when using chan_sip
      (Reported by Nir Simionovich (GreenfieldTech - Israel))

For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telep … og-13.16.0

Thank you for your continued support of Asterisk!
   2017-05-29 22:52:37 by John Nemeth | Files touched by this commit (2) | Package updated
Log message:
Add fixes for AST-2017-002, AST-2017-003, and AST-2017-004.  Note
that the first two don't affect pkgsrc as we are using chan_sip
not PJSIP.  The last only affects users of SCCP, which is Cisco's
proprietary protocol.

----- AST-2017-002

A remote crash can be triggered by sending a SIP packet to
Asterisk with a specially crafted CSeq header and a Via
header with no branch parameter. The issue is that the
PJSIP RFC 2543 transaction key generation algorithm does
not allocate a large enough buffer. By overrunning the
buffer, the memory allocation table becomes corrupted,
leading to an eventual crash.

This issue is in PJSIP, and so the issue can be fixed
without performing an upgrade of Asterisk at all. However,
we are releasing a new version of Asterisk with the bundled
PJProject updated to include the fix.

If you are running Asterisk with chan_sip, this issue does
not affect you.

----- AST-2017-003

The multi-part body parser in PJSIP contains a logical
error that can make certain multi-part body parts attempt
to read memory from outside the allowed boundaries. A
specially-crafted packet can trigger these invalid reads
and potentially induce a crash.

The issue is within the PJSIP project and not in Asterisk.
Therefore, the problem can be fixed without upgrading
Asterisk. However, we will be releasing a new version of
Asterisk where the bundled version of PJSIP has been
updated to have the bug patched.

If you are using Asterisk with chan_sip, this issue does
not affect you.

----- AST-2017-004

A remote memory exhaustion can be triggered by sending an
SCCP packet to Asterisk system with chan_skinny enabled
that is larger than the length of the SCCP header but
smaller than the packet length specified in the header. The
loop that reads the rest of the packet doesn't detect that
the call to read() returned end-of-file before the expected
number of bytes and continues infinitely. The partial
data message logging in that tight loop causes Asterisk to
exhaust all available memory.
   2017-05-14 00:39:13 by John Nemeth | Files touched by this commit (5) | Package updated
Log message:
Update to Asterisk 13.15.0.  This is mostly a bug fix release with a few
minor enhancements.  13.14.1 was released to fix AST-2017-001.

----- 13.15.0

The Asterisk Development Team would like to announce the release of
Asterisk 13.15.0.

The release of Asterisk 13.15.0 resolves several issues reported by the
community and would have not been possible without your participation.

*Thank you!*

The following issues are resolved in this release:

*New Features made in this release:*
-----------------------------------
- [ASTERISK-26878 <https://issues.asterisk.org/jira/browse/ASTERISK-26878>]
- func_channel: Add ability to get the callid so dialplan has access to it.
(Reported by Richard Mudgett)
- [ASTERISK-26863 <https://issues.asterisk.org/jira/browse/ASTERISK-26863>]
- res_pjsip: Add endpoint identification scheme based on a configured SIP
header/value
(Reported by Matt Jordan)
- [ASTERISK-17428 <https://issues.asterisk.org/jira/browse/ASTERISK-17428>]
- [patch] Allow "Comedian Mail" branding to be removed
(Reported by John Covert)

*Bugs fixed in this release:*
-----------------------------------
- [ASTERISK-26851 <https://issues.asterisk.org/jira/browse/ASTERISK-26851>]
- res_pjsip_sdp_rtp: RTP instance does not use same IP as explicit transport
(Reported by Richard Begg)
- [ASTERISK-26897 <https://issues.asterisk.org/jira/browse/ASTERISK-26897>]
- chan_sip: Security vulnerability with client code header
(Reported by Alex Villacís Lasso)
- [ASTERISK-26916 <https://issues.asterisk.org/jira/browse/ASTERISK-26916>]
- res_pjsip: Excessive refcount reached on transport ao2 object
(Reported by Ross Beer)
- [ASTERISK-26705 <https://issues.asterisk.org/jira/browse/ASTERISK-26705>]
- libasteriskssl.so not found when asterisk is installed for the 1st time
(Reported by George Joseph)
- [ASTERISK-26850 <https://issues.asterisk.org/jira/browse/ASTERISK-26850>]
- res_hep_pjsip: Asterisk insert wrong protocol name in "Protocol ID" field
in HEP packets
(Reported by Max Norba)
- [ASTERISK-26484 <https://issues.asterisk.org/jira/browse/ASTERISK-26484>]
- res_pjsip_messaging: Crash when using invalid URI in MessageSend 'from'
argument.
(Reported by Vinod Dharashive)
- [ASTERISK-26776 <https://issues.asterisk.org/jira/browse/ASTERISK-26776>]
- res_pjsip_pubsub: Crash when generating xpidf content
(Reported by Andrew Green)
- [ASTERISK-26880 <https://issues.asterisk.org/jira/browse/ASTERISK-26880>]
- Asterisk crashes when multiple speex users join confbridge with pp_vad
and dtx enabled
(Reported by Kirsty Tyerman)
- [ASTERISK-26862 <https://issues.asterisk.org/jira/browse/ASTERISK-26862>]
- app_queue: Queue stops calling members with local interface after
forwarding in previous call
(Reported by Robert Mordec)
- [ASTERISK-26732 <https://issues.asterisk.org/jira/browse/ASTERISK-26732>]
- res_rtp_asterisk: Implement RTCP Multiplexing - breaking WebRTC in Chrome
(Reported by Dan Jenkins)
- [ASTERISK-26879 <https://issues.asterisk.org/jira/browse/ASTERISK-26879>]
- PJSIP external_media_address ignored if no local_net options are provided
(Reported by Matt Jordan)
- [ASTERISK-26867 <https://issues.asterisk.org/jira/browse/ASTERISK-26867>]
- autochan: Locking in a function ast_autochan_destroy() on destroyed
channel (after masquerade).
(Reported by Krzysztof Trempala)
- [ASTERISK-26869 <https://issues.asterisk.org/jira/browse/ASTERISK-26869>]
- res_pjsip_refer: blind call transfer w/o a user name doesn't go to the s
extension
(Reported by Torrey Searle)
- [ASTERISK-26668 <https://issues.asterisk.org/jira/browse/ASTERISK-26668>]
- core: Malformed pattern matching extension (various factors) results in
crash
(Reported by xrobau)
- [ASTERISK-26865 <https://issues.asterisk.org/jira/browse/ASTERISK-26865>]
- chan_iax2: Reload of iax peer results in loss of host address/port
(Reported by Richard Begg)
- [ASTERISK-26872 <https://issues.asterisk.org/jira/browse/ASTERISK-26872>]
- Bundled pjproject fails to build when tarball downloaded with curl due to
md5 verification failure in Docker containers (or when there is no terminal)
(Reported by Matt Jordan)
- [ASTERISK-26717 <https://issues.asterisk.org/jira/browse/ASTERISK-26717>]
- Document the fact that Asterisk HEP support only works with the PJSIP
channel driver
(Reported by Olivier Krief)
- [ASTERISK-26643 <https://issues.asterisk.org/jira/browse/ASTERISK-26643>]
- Extra new line in Device field of DeviceStateChange AMI Event after
restart of Asterisk
(Reported by Roman Bedros)
- [ASTERISK-25237 <https://issues.asterisk.org/jira/browse/ASTERISK-25237>]
- stasis_cache.c:845 caching_topic_exec: - misleading ERROR message
(Reported by Smirnov Aleksey)
- [ASTERISK-26857 <https://issues.asterisk.org/jira/browse/ASTERISK-26857>]
- chan_pjsip: Dialplan function race condition
(Reported by Joshua Colp)
- [ASTERISK-26841 <https://issues.asterisk.org/jira/browse/ASTERISK-26841>]
- chan_sip: Call not cancelled after receiving a 422 response
(Reported by Jean Aunis - Prescom)
- [ASTERISK-26822 <https://issues.asterisk.org/jira/browse/ASTERISK-26822>]
- pjsip/cli_commands: pjsip show channelstats shows wrong codec
(Reported by Kevin Harwell)
- [ASTERISK-26685 <https://issues.asterisk.org/jira/browse/ASTERISK-26685>]
- res_pjsip: Crash when using IPv6 and Transport ws,wss
(Reported by Michael Balen)
- [ASTERISK-24562 <https://issues.asterisk.org/jira/browse/ASTERISK-24562>]
- app_voicemail: Cannot set fromstring on a per-mailbox basis
(Reported by Mark Scholten)
- [ASTERISK-26598 <https://issues.asterisk.org/jira/browse/ASTERISK-26598>]
- Saynumber is trying to get "and" from "digits/" subfolder
(Reported by Jonathan Harris)
- [ASTERISK-17067 <https://issues.asterisk.org/jira/browse/ASTERISK-17067>]
- Long lines in call files cause spurious syntax error
(Reported by Dave Olszewski)
- [ASTERISK-26796 <https://issues.asterisk.org/jira/browse/ASTERISK-26796>]
- res_pjsip_transport_websocket: Via header is 'WS' when it should be 'WSS'
(Reported by Jørgen H)
- [ASTERISK-25628 <https://issues.asterisk.org/jira/browse/ASTERISK-25628>]
- res_config_pgsql: should match the behavior of other drivers so that
queue_log can disable adaptive logging
(Reported by Dmitry Wagin)
- [ASTERISK-26825 <https://issues.asterisk.org/jira/browse/ASTERISK-26825>]
- pjsip.conf.sample: user_agent: still refers to branch 12
(Reported by Tzafrir Cohen)
- [ASTERISK-26823 <https://issues.asterisk.org/jira/browse/ASTERISK-26823>]
- PJSIP: Persistent subscriptions can cause FRACKs if endpoint does not
exist
(Reported by Mark Michelson)
- [ASTERISK-26623 <https://issues.asterisk.org/jira/browse/ASTERISK-26623>]
- res_pjsip: Crash when calling PJSIPShowEndpoint
(Reported by Jørgen H)
- [ASTERISK-26808 <https://issues.asterisk.org/jira/browse/ASTERISK-26808>]
- res_pjsip_outbound_registration doesn't know about network change events
(Reported by George Joseph)
- [ASTERISK-26313 <https://issues.asterisk.org/jira/browse/ASTERISK-26313>]
- chan_sip : Asterisk restart seems to be required for changing encryption
option
(Reported by benasse)
- [ASTERISK-26781 <https://issues.asterisk.org/jira/browse/ASTERISK-26781>]
- bridge: Passing the 'p' (play tone) flag to Bridge() application results
in garbled audio
(Reported by Sean Bright)
- [ASTERISK-26782 <https://issues.asterisk.org/jira/browse/ASTERISK-26782>]
- res_pjsip: URI requirement for fields is not consistently documented and
error does not provide indication
(Reported by Peter Sokolov)
- [ASTERISK-26812 <https://issues.asterisk.org/jira/browse/ASTERISK-26812>]
- [patch] Fix download_externals To Allow The Use Of curl Or wget
(Reported by Michael L. Young)
- [ASTERISK-18271 <https://issues.asterisk.org/jira/browse/ASTERISK-18271>]
- Pattern matching with res_config_mysql extensions does not behave as
expected
(Reported by Charlie Smurthwaite)
- [ASTERISK-26669 <https://issues.asterisk.org/jira/browse/ASTERISK-26669>]
- PJSIP Segfault 13.13.1 (Bundled PJSIP)
(Reported by Nic Colledge)
- [ASTERISK-18731 <https://issues.asterisk.org/jira/browse/ASTERISK-18731>]
- [patch] DUNDi weight parameter not processed correctly
(Reported by Peter Racz)
- [ASTERISK-26580 <https://issues.asterisk.org/jira/browse/ASTERISK-26580>]
- [patch] Error during LDAP modify action when user unregisters
(Reported by Nicholas John Koch)
- [ASTERISK-26799 <https://issues.asterisk.org/jira/browse/ASTERISK-26799>]
- res_pjsip: Using an auth object for inbound and outbound authentication
fails.
(Reported by Richard Mudgett)
- [ASTERISK-26738 <https://issues.asterisk.org/jira/browse/ASTERISK-26738>]
- Frequent segfaults since activation of DNS SRV, in
pjsip_auth_clt_reinit_req at /pjsip/sip_auth_client.c, and
pj_atomic_inc_and_get at pj/os_core_unix.c
(Reported by Michael Maier)
- [ASTERISK-25893 <https://issues.asterisk.org/jira/browse/ASTERISK-25893>]
- Function vmauthenticate accesses uninitialized memory
(Reported by Filip Jenicek)
- [ASTERISK-26802 <https://issues.asterisk.org/jira/browse/ASTERISK-26802>]
- [patch] Integrity Check Of PJSIP Download Fails
(Reported by Michael L. Young)
- [ASTERISK-15858 <https://issues.asterisk.org/jira/browse/ASTERISK-15858>]
- [patch] Fix query with double backslash in string literals and stop log
warnings
(Reported by Humberto Figuera)
- [ASTERISK-26057 <https://issues.asterisk.org/jira/browse/ASTERISK-26057>]
- res_config_sqlite3 uses incorrect query - unnecessary escape
(Reported by Stepan)
- [ASTERISK-23457 <https://issues.asterisk.org/jira/browse/ASTERISK-23457>]
- SQlite3: Realtime queue loading fails after PRAGMA query result
(Reported by Scott Griepentrog)
- [ASTERISK-26794 <https://issues.asterisk.org/jira/browse/ASTERISK-26794>]
- http: Crash on Reload Only in ast_tcptls_server_start
(Reported by Joshua Elson)
- [ASTERISK-26714 <https://issues.asterisk.org/jira/browse/ASTERISK-26714>]
- Phone default have not ringing on ARM
(Reported by Igor Goncharovsky)
- [ASTERISK-26696 <https://issues.asterisk.org/jira/browse/ASTERISK-26696>]
- pjsip_pubsub: PJSIP Subscription Persistence in AstDB Does not update on
subscription refresh
(Reported by Zach R)
- [ASTERISK-26756 <https://issues.asterisk.org/jira/browse/ASTERISK-26756>]
- res_pjsip_mwi: Asterisk does not terminate MWI subscription
(Reported by Carl Fortin)
- [ASTERISK-26109 <https://issues.asterisk.org/jira/browse/ASTERISK-26109>]
- Asterisk fails building with OpenSSL 1.1.0
(Reported by Tzafrir Cohen)
- [ASTERISK-26723 <https://issues.asterisk.org/jira/browse/ASTERISK-26723>]
- VoiceMailPlayMsg not playing messages via realtime
(Reported by Ryan Rittgarn)
- [ASTERISK-18286 <https://issues.asterisk.org/jira/browse/ASTERISK-18286>]
- [patch] 'Silence' is truncated in Record()
(Reported by var)
- [ASTERISK-26248 <https://issues.asterisk.org/jira/browse/ASTERISK-26248>]
- chan_pjsip: Error when calling PJSIP client with domain specified
(Reported by Norbert Varga)
- [ASTERISK-26788 <https://issues.asterisk.org/jira/browse/ASTERISK-26788>]
- core: Protect flags during ast_waitfor
(Reported by Joshua Colp)
- [ASTERISK-26115 <https://issues.asterisk.org/jira/browse/ASTERISK-26115>]
- pbx: AMI Originate ignore "failed" extension on call failure
(Reported by Nasir Iqbal)
- [ASTERISK-26785 <https://issues.asterisk.org/jira/browse/ASTERISK-26785>]
- configs/samples: The 'identify' entry is in the wrong section in
sorcery.conf.sample
(Reported by Torrey Searle)
- [ASTERISK-26772 <https://issues.asterisk.org/jira/browse/ASTERISK-26772>]
- Crash in srv.c on startup with pjsip
(Reported by nappsoft)
- [ASTERISK-26770 <https://issues.asterisk.org/jira/browse/ASTERISK-26770>]
- res_stasis_device_state: Duplicate subscriptions when multiple received
at same time
(Reported by Joshua Colp)

*Improvements made in this release:*
-----------------------------------
- [ASTERISK-26864 <https://issues.asterisk.org/jira/browse/ASTERISK-26864>]
- res_pjsip_session: Add support for overlap dialling
(Reported by Richard Begg)
- [ASTERISK-26846 <https://issues.asterisk.org/jira/browse/ASTERISK-26846>]
- chan_sip: Add rtcp-mux support
(Reported by Sean Bright)

For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telep … og-13.15.0

*Thank you for your continued support of Asterisk!*

----- 13.14.0

The Asterisk Development Team has announced the release of Asterisk 13.14.0.

The release of Asterisk 13.14.0 resolves several issues reported by the
community and would have not been possible without your participation.
Thank you!

The following are the issues resolved in this release:

New Features made in this release:
-----------------------------------
 * ASTERISK-26630 - Make logging PJPROJECT messages a bit easier
      (Reported by Richard Mudgett)

Bugs fixed in this release:
-----------------------------------
 * ASTERISK-26772 - Crash in srv.c on startup with pjsip (Reported
      by nappsoft)
 * ASTERISK-26704 - res_odbc.conf contains deprecated
      configuration: 'pooling', 'shared_connections', 'limit', and
      'idlecheck' options were replaced by 'max_connections'.
      (Reported by Anthony Messina)
 * ASTERISK-21094 - MixMonitorMute mutes through stream if already
      slinear (e.g. Originate) (Reported by David Woolley)
 * ASTERISK-26716 - ari: Channels with pre-dial handlers cannot be
      hung up via ARI (Reported by Tom Pawelek)
 * ASTERISK-26632 - core: Possibility of a frame "imbalance"
      leading to stuck channels. (Reported by Mark Michelson)
 * ASTERISK-25951 - res_agi:  run_agi eats frames it shouldn't
      (Reported by George Joseph)
 * ASTERISK-26343 - ASTERISK-25951 causes issues for callerid
      manipulation through agi (Reported by Morten Tryfoss)
 * ASTERISK-26679 - Crash on invalid contact domain (pjsip aor)
      (Reported by Dmitriy)
 * ASTERISK-26699 - res_pjsip: Assertion when sending OPTIONS
      request  to endpoint (Reported by Ross Beer)
 * ASTERISK-24858 - [patch]Asterisk 13 PJSIP sends RTP packets in
      wrong byte order on Intel platform when using slin codec
      (Reported by Frankie Chin)
 * ASTERISK-26754 - build_tools: make_build_h does not handle \ in
      user name  (Reported by Kirill Katsnelson)
 * ASTERISK-26753 - AMI disconnect causes "ast_careful_fwrite:
      fwrite() returned error: Broken pipe" (Reported by Kirill
      Katsnelson)
 * ASTERISK-26755 - app_queue: Random queues disappear on "core
      reload queue all" (Reported by Kirill Katsnelson)
 * ASTERISK-26735 - res_pjsip_endpoint_identifier_ip: "srv_lookups"
      after match in .conf has no effect (Reported by Michael Maier)
 * ASTERISK-26693 - res_pjsip_endpoint_identifier_ip: Add support
      for SRV (Reported by Joshua Colp)
 * ASTERISK-26743 - PJPROJECT: Detecting compiled max log level
      does not work. (Reported by Richard Mudgett)
 * ASTERISK-26740 - voicemail API test: uses varlibdir instead of
      datadir for a sound file (Reported by Tzafrir Cohen)
 * ASTERISK-26739 - voicemail API test: confuses expected and
      actual values (Reported by Tzafrir Cohen)
 * ASTERISK-26731 - res_sorcery_memory_cache: memory leak on every
      sorcery memory cache populate (Reported by Ustinov Artem)
 * ASTERISK-26710 - [patch] res_rtp_asterisk: CHANNEL arguments,
      (rtcp,all_rtt),(rtcp,all_loss),(rtcp,all_jitter) always return 0
      (Reported by Aaron An)
 * ASTERISK-26672 - Crash when setting remote address on RTP
      instance (Reported by Richard Mudgett)
 * ASTERISK-26670 - [patch] Outgoing SIP-URI Dialing via PJSIP
      (Reported by Alexander Traud)
 * ASTERISK-26691 - Remember SDP negotiation on SIP_CODEC_INBOUND.
      (Reported by Alexander Traud)
 * ASTERISK-26673 - chan_pjsip: Crash when using CHANNEL dialplan
      function around masquerade (Reported by Joshua Colp)
 * ASTERISK-26684 - res_pjsip: Various issues with compact SIP
      headers (Reported by Joshua Elson)
 * ASTERISK-26655 - [patch]pjsip: Transfers Broken with Compact
      Headers Enabled (Reported by JoshE)
 * ASTERISK-26621 - app_queue: Queue application does not ring
      members with Local interface (Reported by Jonas Kellens)
 * ASTERISK-26586 - chan_sip: Segfaults upon reload if client with
      MWI wasn't registered (Reported by Michael Kuron)
 * ASTERISK-25494 - build:  GCC 5.1.x catches some new const, array
      bounds and missing paren issues (Reported by George Joseph)
 * ASTERISK-24499 - Need more explicit debug when PJSIP dialstring
      is invalid (Reported by Rusty Newton)
 * ASTERISK-25083 - Message.c: Message channel becomes saturated
      with frames leading to spammy log messages (Reported by Jonathan
      Rose)
 * ASTERISK-26653 - pjproject_bundled doesn't verify already
      downloaded tarballs (Reported by George Joseph)
 * ASTERISK-26433 - chan_sip: Allows To-tag checks to be bypassed,
      setting up new calls (Reported by Walter Doekes)
 * ASTERISK-26579 - codec_opus: Recursiveness when parsing fmtp
      line (Reported by Jørgen H)
 * ASTERISK-26644 - PJSIPShowRegistrationsInbound just dumps all
      aors (Reported by George Joseph)
 * ASTERISK-26490 - res_pjsip: sends 481 Call/Transaction Does Not
      Exist when transaction branch parameter contains "_" (Reported
      by Juris Breicis)
 * ASTERISK-26617 - res_rtp_asterisk: Can't bind on systems without
      IPv6 (Reported by Guido Falsi)
 * ASTERISK-24330 - Requirement for 'wss' value in Contact header
      transport parameter on inbound traffic violates RFC7118
      (Reported by Marek Cervenka)
 * ASTERISK-26546 - mips64el and x32 - undefined reference to
      symbol 'dlopen@@GLIBC_2.2' (Reported by Tzafrir Cohen)
 * ASTERISK-26566 - res_rtp_asterisk: RTT miscalculation in RTCP
      (Reported by Hector Royo Concepcion)
 * ASTERISK-26604 - chan_sip: sip reload doesn't apply changes to
      tlscertfile, tlsciphers, etc. (Reported by Michael Kuron)
 * ASTERISK-26603 - [patch] chan_pjsip: not switching sending codec
      to receiving codec when asymmetric_rtp_codec=no (Reported by
      Alexei Gradinari)
 * ASTERISK-26523 - chan_sip: Asterisk 13.12.1 disconnects incoming
      calls after 2 minutes - rtptimeout behaving badly - regression
      (Reported by Michael Keuter)
 * ASTERISK-26503 - app_voicemail: Asterisk crashes when
      MailboxExists is used (Reported by Doug Lytle)

Improvements made in this release:
-----------------------------------
 * ASTERISK-23828 - pjsip - Need a command to list active SIP
      subscriptions (Reported by Rusty Newton)
 * ASTERISK-26527 - Testsuite: increase timeout to check "core
      fullybooted wait" up to 30 sec (Reported by Badalian Vyacheslav)
 * ASTERISK-26624 - res_calendar_caldav: Add support for gmail
      (Reported by Eduardo Scudeller Libardi)
 * ASTERISK-26562 - app_controlplayback: Transmit Silence on
      ControlPlayback pause (Reported by Mikheili Dautashvili)

For a full list of changes in this release, please see the ChangeLog:

http://downloads.asterisk.org/pub/telep … og-13.14.0

Thank you for your continued support of Asterisk!

-----